This week in Rails: Happy New Year!

Posted by andatki, January 9, 2016 @ 1:02 am in News

Happy New Year! Welcome to the first 2016 issue of This week in Rails.

I’m Andy, and before diving in to contributions from this week, let’s briefly recap some stats from 2015. Our 12 editors released 50 issues summarizing over 6500 commits to Rails! Each issue is now being sent to over 4300 subscribers.

What a great year! To celebrate, sweep up some confetti laying around from last weekend, toss it in the air, and sing some bars of Auld Lang Syne.

This Week’s Rails Contributors

79 people contributed to Rails since the last issue on December 18, 2015! Check out the list of issues if you’d like to help out as well.

RailsConf 2016 CFP deadline

Interested in speaking at RailsConf 2016 in Kansas City? Call for proposals closes January 15th, 2016, 11:59pm CST! You’ve got 1 week!

New Stuff

Security: Per-form CSRF tokens

Changes brought upstream from GitHub, related to Content Security Policy (CSP) and securing forms. Check out the links in the PR to learn more.

Default new apps to tag logs with request_id

The :request_id log tag ensures that each request is tagged with a unique identifier.

Short-hand methods for types in MySQL

This change adds short-hand methods like tinyblob and mediumblob for text and blob types when using MySQL.

Fixed

Don’t output to STDOUT twice

Stops printing messages twice with rails console or rails server and a logger set to output to STDOUT.

Faster

Replace x.times.map{} with Array.new(x){}

Small performance improvement supported with a benchmark. Check out the results.

Wrapping Up

That’s all for This week in Rails. As always, there are many more changes than we have room to cover here, but feel free to check them out yourself.

Until next time!

This week in Rails: Rails 5 - The Beta Awakens

Posted by toddbealmear, December 19, 2015 @ 7:48 pm in News

I hear you’re looking for a pilot. Name’s Todd Solo, captain of This Week in Rails. She may not look like much, but this bucket of bolts did the Kessel Run in less than twelve parsecs. She’s more than capable of smuggling all of the latest Rails intelligence to you.

I’ve got a very Special Edition™ for you this week - we’re celebrating the release of the very first beta of Rails 5! We’re going to be covering all of the big additions made since the release of Rails 4.2 in this issue. Don’t worry - no Bothans died to bring you this information.

This Release’s Contributors

We had 790 scruffy-looking nerf herders contribute to this release. That’s over 7000 commits in a little over a year! Give all of these folks a big round of applause!

Rails 5 Only Supports Ruby 2.2.2+

This is important - Rails 5 will only support versions of Ruby greater than 2.2.2. Ruby 2.2 introduces a number of new features and performance enhancements that the Rails team wants to capitalize on. You can read more about Ruby 2.2 in the release announcement.

New Stuff

Action Cable

In case you haven’t heard, Rails 5 is bringing WebSocket support along with it! Action Cable is a completely integrated solution for building WebSocket apps in Rails. Give it a spin!

Rails API

Rails 5 introduces support for API-only apps. Based on the wonderful work done by the Rails API project, you can now generate apps that strip out parts of Rails not needed for pure backends.

New Command Router

Why do you start a console with rails console, but run migrations with rake db:migrate? That doesn’t make any sense. Starting in Rails 5, many of these old rake commands can be run with rails instead.

Attributes API

Your models are getting a new attribute class method in Rails 5, allowing you to easily define a relationship between the model and a non-Active Record type. No more misusing serialize!

ApplicationRecord

Just like ApplicationController, we’re getting an ApplicationRecord model superclass in Rails 5. Now you don’t have to monkeypatch ActiveRecord::Base to add functionality!

ActiveRecord::Relation#or

A long requested feature, ActiveRecord::Relation is finally getting the #or method we’ve all wanted.

Wrapping Up

That’s all for This week in Rails. As always, there are plenty of things we’re not able to cover here, so I highly recommend you take a peek at the release announcement and CHANGELOGs.

We’ll be back to our regularly scheduled program next week.

Until next time - may the Force be with you!

Rails 5.0.0.beta1: Action Cable, API mode, Rails command

Posted by dhh, December 18, 2015 @ 8:00 pm in Releases

Rails 5.0! Can you believe it? We only just celebrated the tenth anniversary of Rails 1.0 a few days ago. Time flies when you’re having fun with good friends, and we’ve never had more fun or better friends in the Rails community, so no wonder it’s going swoosh! Now this is just the first beta release, but Rails 5.0.0.beta1 is already running Basecamp 3 in production.

Action Cable

The big new thing in Rails 5.0 is a brand-new framework for handling WebSockets called Action Cable. It’s a completely integrated solution that includes an EventMachine-powered connection loop, a thread-backed channels layer for server-side processing, and a JavaScript layer for client-side interaction. It’s incredibly easy to use, and makes designing live features like chat, notifications, and presence so much easier. It’s what’s powering all those features of Basecamp 3, if you want to see it in action.

What’s really lovely about Action Cable is that you get access to your entire Active Record and PORO domain model in your WebSockets work. We even added a brand-new ActionController::Renderer system that makes it trivial to render your templates outside of controllers, when you want to reuse server-side templates for WebSocket responses.

In development, Action Cable runs in-process with the rest of your app. To do this, we’ve switched the default development server from Webrick to Puma. In production, you may well want to run Action Cable servers in their own processes. That’s how we run it at Basecamp at scale.

Special thanks to Pratik Naik and Javan Makhmali for their formative work.

API mode

Rails is not only a great choice when you want to build a full-stack application that uses server-side rendering of HTML templates, but also a great companion for the new crop of client-side JavaScript or native applications that just needs the backend to speak JSON. We’ve made this even clearer now with the new –api mode. If you create a new Rails application using rails new backend --api, you’ll get a slimmed down skeleton and configuration that assumes you’ll be working with JSON, not HTML.

There’s still more work to be done on this feature, but we’re off to a great start. By default, API mode just relies on #to_json calls on model classes. But you can either use Jbuilder, Active Model Serializers, or look at the new JSONAPI::Resources project for a more advanced solution.

Thanks in particular to Santiago Pastorino and Jorge Bejar for making this happen.

One Rails command to rule them all

Why are some commands living in bin/rails and some commands living in bin/rake? That’s a common question, especially for beginners, and we never had a good answer (just lots of technical excuses). So now we’ve committed to making bin/rails the one master command to rule them all. All your rake commands are available through here as a gateway, but we’ll eventually port many of them over. So your fingers will now have to get used to bin/rails db:migrate instead of bin/rake db:migrate. That should only take a few months!

Kasper Timm Hansen has been herding this project.

A few other highlights

  • New Attributes API by Sean Griffin.
  • The test runner now reports failures inline, so you don’t have to complete the suite to see what went wrong.
  • ApplicationRecord has been born as a default parent class of all models created by the generators.
  • ActiveRecord::Relation#in_batches makes it much easier to deal with record work in batches at a time to lessen memory overloads.
  • Post.where(‘id = 1’).or(Post.where(‘id = 2’)) gives you exactly what you’d think!
  • No more accidentally halting Active Record callbacks because the last statement is false. Now you throw(:abort) explicitly!

You should really checkout the CHANGELOGs, though. There’s just so much new and good stuff available in all the frameworks:

Claudio did a nice little slide deck walking through some of his favorite improvements (and removals!).

Note too that we’re cooking Turbolinks 5 – the one with native iOS and Android wrapper implementations! – for concurrent release with Rails 5. You can follow along on basecamp/turbolinks/v5.

Maintenance consequences

As per our maintenance policy, the release of Rails 5.0 will mean that bug fixes will only apply to 5.0.x, regular security issues to 5.0.x and 4.2.x, and severe security issues also to 5.0.x and 4.2.x (but when 5.1 drops, to 5.1.x, 5.0.x, and 4.2.x). This means 4.1.x and below will essentially be unsupported! Ruby 2.2.2+ is now also the only supported version of Ruby for Rails.

Please help us make Rails 5.0 solid!

We rely on the feedback from everyone in the community to flush out bugs and upgrade issues ahead of a big release like this. So please give Rails 5.0 a try on your app, and if you’re starting a new app today, you should probably use the beta1 for that, if you’re just the least bit savvy with Rails.

Issues can be recorded on the Github issues tracker.

Already, 789 people have contributed to this new release of Rails. Please do become one of them!

Your dynamic release manager duo for Rails 5.0 is Eileen M. Uchitelle and Sean Griffin. And the undisputed PR merge champ is Rafael França!

This week in Rails: GZipped Asset, API error responses and more!

Posted by vipulnsward, December 11, 2015 @ 11:08 am in News

Hello everyone! 🌨

This is Vipul, bringing you the latest from Rails.

P.S: Here’s something for all those at RubyKaigi 🍣. Enjoy!

This Week’s Rails Contributors

This week 26 fabulous people contributed to Rails, including 6 first-time contributors! Check out the list of issues if you’d like to help out as well.

Sprockets: Reintroduce gzip file generation

GZip file generation was taken out last year from sprockets. This change re-introduces compressed file generation and parallel file writing, which is useful for web servers that don’t support gzipping static assets. This is pretty useful if you are on a service like Heroku.

New Stuff

Introduce after_{create,update,delete}_commit callbacks

New shortcuts were added to after_commit .. on: :action.

For example, after_commit :add_to_index_later, on: :create can now be written as after_create_commit :add_to_index_later.

Improved

Rails API: Ability to return error responses in json format in development

Previously error pages are always being delivered in html pages in development mode, which is not handy when you would like to view json responses. This change adds support for viewing errors in json format. It also makes sure that when requesting resources like post/1.json, when error occurs, it returns json response based on json format in url, unlike previously used html format.

Changed the protect_from_forgery prepend default to false

protect_from_forgery will now be inserted into the callback chain at the point it is called in the application. This is useful for cases where you want to protect_from_forgery after you perform required authentication callbacks or other callbacks that are required to run after forgery protection.

If needed, you can use protect_from_forgery prepend: true to always run protect_from_forgery before others.

request_forgery_protection initializer is removed from Rails API

Usually in Rails API, you would not use protect_from_forgery, by default. The initializer to add this option- request_forgery_protection is now removed if you are creating an API.

Fixed

Subscribing to notifications while inside the instrumented section.

Previously if we tried to do

ActiveSupport::Notifications.instrument('foo') do
  ActiveSupport::Notifications.subscribe('foo') {}
end

it would create an error, because for the subscribe inside block, the dynamic subscription does not yet exist. This change make sure that subscriptions inside instrumentation get notified as well.

Add redirection path in the error message of assert_response if response is :redirect

Previously, if assert_response was checking for any non-redirect response like :success and actual response was a :redirect then, the error message displayed was like - Expected response to be a <success>. This change, now shows the redirected path in error response as - Expected response to be a <success>, but was a redirect to <http://test.host/posts/lol>

Wrapping Up

That’s all for This week in Rails. As always, there are many more changes than we have room to cover here, but feel free to check them out yourself.

Until next time!

This week in Rails: Rails command infrastructure and more!

Posted by marcelmorgan, December 7, 2015 @ 6:27 am in News

Hello everyone!

This is Marcel, bringing you the latest news in Rails.

This Week’s Rails Contributors

This week 28 fabulous people contributed to Rails. Check out the list of issues if you’d like to see your name up there.

New Stuff

Rails Command Infrastructure

The infrastructure needed to support the movement of rake tasks to the rails command is now in place. This paves the way to make it easier to learn commands for persons new to Rails.

Improved

Allow use of minitest-rails gem with test runner

An explicit global namespace to Rails::TestUnitReporter has been added to resolve a namespace conflict between minitest-rails and Rails test runner.

Fixed

Initialized STI models are now casted to the default type

If a database default was specified for the type column used in Single Table Inheritance (STI), it did not cast new instances to default type on initialize. This is now fixed.

Replace ActionMailer::Base.respond_to? with respond_to_missing?

This simple refactor utilizes the respond_to_missing? hook introduced in Ruby 1.9. This prevents the usage of the method method from raising a NameError.

Clarify connection pool error message

The previously error message whenever all connections in the pool were used up, did not mention that.

Wrapping Up

That’s all for This week in Rails. As always, there are many more changes than we have room to cover here, but feel free to check them out yourself.

Until next time!

This week in Rails: Don't Miss Our Black Friday and Cyber Monday Deals!

Posted by chancancode, November 28, 2015 @ 6:38 pm in News

Hello everyone!

This is Godfrey, bringing you the latest news deals in Rails. Have you been holding out on getting the latest copy of Rails? Don’t wait any longer as we are having our biggest sale of the year this weekend. Check out these unbelievable deals before they are gone!

🆓 RailsConf Tickets Giveaway

Limited Time Offer! Enter the RailsConf Tickets Giveaway (a.k.a. the Call For Proposals) by submitting a talk proposal! If your talk is selected, you will win a FREE admission to the conference!

Terms and conditions apply, see website for details.

🆓 Lifetime Rails Contributor Membership

As Seen On The Interwebs! Start collecting points like these 25 individuals with our award-winning rewards program. To apply for your FREE membership, simply submit a pull request to Rails. Membership never expires!

New Stuff

🆓 PostgreSQL Geometric Types Support

In-Store Only! Get FREE support for PostgreSQL data types (such as line, path and polygon) in schema.rb when you upgrade to Rails 5.

🆓 Certificate of Origin

Bonus Upgrade Offer! Rails 5 apps will be equipped with a FREE Origin header check if one is present in the request. When upgrading, existing apps will be given an option to enable the security feature at no additional cost.

Improved

🆓 Source Code Extraction

NOT A Pricing Error! If something went wrong in an AJAX request, Rails will now throw in the extracted source code in plaintext for FREE, making things easier to read in your browser’s console.

🆓 Dead Code Removal

Everything Must Go! As part of our clearance, a piece of dead code was discovered and promptly set FREE. No wonder everyone is so excited!

Fixed

🆓 Race Condition Protection

While Supplies Last! When the Evented File-System Monitoring project landed on master, a contributor pointed out a potential race condition. After ( a few attempts, we have finally arrived at a solution to FREE us from the danger!

Correction

🆓 byebug Upgrade Program

Manufacturer Rebate! In the last issue, we recommended byebug 7.0. Turns out the latest version is actually 8.2.1 (as of this week), which addressed some issue with the 7.0 release.

To compansate you for the trouble, we decided to offer a FREE byebug upgrade program for our readers. Simply change your Gemfile entry accordingly and run bundle install, and our agents will make sure the library is upgraded.

Wrapping Up

That’s all for This week in Rails. As always, there are many more changes deals than we have room to cover here, but feel free to check them out yourself.

Until next time!

This week in Rails: RailsConf 2016, frozen Hash keys, faster byebug and more!

Posted by chancancode, November 21, 2015 @ 8:50 am in News

Hi everyone! This is Godfrey bringing you the latest news from Rails.

RailsConf 2016

The RailsConf 2016 website is up! This year, we will be gathering in Kansas City from May 4 to May 6. If you would like to submit a talk, the call for proposals (CFP) is open from now until Jan 15!

This Week’s Rails Contributors

This week we have seen commits from 29 different contributors in the Rails repository, including 6 new faces!

Improved

Frozen FK Names For Association

When you use a non-frozen (i.e. mutable) string as a Hash key, Ruby would have to duplicate and freeze it in order to guarantee a stable hash key.

This is usually fine, but when that string is used to build many different hashes, the work adds up. Fortunately, we can simply freeze it upfront to avoid the repeated work.

Faster byebug

byebug 7.0 has recently been released with some major performance improvements. (See this pull request for details.) If you are using byebug for debugging, you might want to upgrade!

Speeding Up Enumerable#sum

Did you know that Enumerable#{inject,reduce} can take a symbol as its argument? Apparently, this is slightly faster too! (Note: this is different from inject(&:method) which goes through Symbol#to_proc.)

Fixed

Use Instead Of +…+ In Docs

Usually, you can use +some_word+ to switch to fixed-width fonts in Rails’ documentation. However, the parser for this rule would sometime fail in some more complex cases.

If you are not sure when to use which, be sure to check the guidelines, or just check the output locally by running rake rdoc.

Wrapping Up

That’s all for This week in Rails. As always, there are many more changes than we have room to cover here, but feel free to check them out yourself.

Until next time!

This week in Rails: new releases, exciting Rails 5 stuff and more!

Posted by imtayadeway, November 14, 2015 @ 2:53 am in News

Hey everyone - Tim here with another monster update with all the exciting Rails-related goings-on from this week.

Riding Rails: Snappier Development Mode in Rails 5

One of the nicest things about development mode in Rails has to be the sheer convenience of running on your latest revision on each request. This of course comes at a performance cost but is about to change: instead the filesystem will notify Rails asynchronously of any changes.

Rails 4.2.5 and 4.1.14 are here!

This week saw the release of both 4.2.5 and 4.1.14 versions of Rails. Go upgrade while they’re still hot!

This Week’s Rails Contributors

This week 33 fabulous people contributed to Rails. Check out the list of issues if you’d like to see your name up there.

New Stuff

New! days_in_year method added to Time

Now you can can call Time.days_in_year and, at the time of writing it will return 365. Call it next year and it will give you 366. Nice!

String#parameterize gets a preserve_case option

This change adds an option to Preserve-the-CASE of the string instead of casting-everything-to-lowercase when generating parameters.

Improved

Improve support for non Active Record associations on validation

Support for non-Active Record associations just got better by skipping marked_for_destruction? when going through validations if it’s not implemented, making it easier to define virtual associations.

Return a sized Enumerator from Hash#transform_values

You can now discover the size of a hash whose values have been transformed.

Fixed

Exclude views when fetching tables on all the connection adapters

This brings more consistency across the adapters where those for MySQL and SQLite would return views in addition to tables when calling #tables, where PostgreSQL would not. Now they all return tables, and no views.

Wrapping Up

That’s all for This week in Rails. As always, there are many more changes than we have room to cover here, but feel free to check them out yourself.

Until next time!

[ANN] Rails 4.2.5 and 4.1.14 have been released!

Posted by rafaelfranca, November 13, 2015 @ 10:00 pm in Releases

Hi everyone,

I am happy to announce that Rails 4.2.5 and 4.1.14 have been released.

No regressions were found so these releases include the same changes that the last release candidates.

CHANGES since 4.1.13

To view the changes for each gem, please read the changelogs on GitHub:

Full listing

To see the full list of changes, check out all the commits on GitHub.

CHANGES since 4.2.4

To view the changes for each gem, please read the changelogs on GitHub:

Full listing

To see the full list of changes, check out all the commits on GitHub.

SHA-1

If you’d like to verify that your gem is the same as the one I’ve uploaded, please use these SHA-1 hashes.

Here are the checksums for 4.1.14:

$ shasum *4.1.14*
5919a0cab01f7c3f8d5f0a6cff842892cce518dd  actionmailer-4.1.14.gem
20bb0227cbaa19eb98e874e95db2fd753222a587  actionpack-4.1.14.gem
fb6c11e671d1feaa8e87f9acd869905fec044009  actionview-4.1.14.gem
9ab9d3ba4d8a67d8b40e2cf43ac6e2e0d0334437  activemodel-4.1.14.gem
9e0911dcc1b63a3dd651f5cce2cca04cf2cbf2f7  activerecord-4.1.14.gem
0a1d85dda70b940ca15d3b61cd4dd7edf1414275  activesupport-4.1.14.gem
146ac389047574a995dda86d464788c6c742ae02  rails-4.1.14.gem
d09a0fb9d9c66119f990afa0441eaebdbcbafa51  railties-4.1.14.gem

Here are the checksums for 4.2.5:

$ shasum *4.2.5*
bddfd0c5032babc04a6b6d096a19195a4fde8581  actionmailer-4.2.5.gem
21f3ccbfa63d6a97ea5c3a9ae816388e138d767a  actionpack-4.2.5.gem
1295aae8a8b5389b3e067ba937abecbd2a61eacf  actionview-4.2.5.gem
9583de133e9fe152ba36491ec0a8255d73416503  activejob-4.2.5.gem
f93fcd7979a4a8370783a88535d4409e70dbb3d1  activemodel-4.2.5.gem
c7c3466b4c6866577b18c4e1238c5db1f6bfdd03  activerecord-4.2.5.gem
454eb06a069f82d5830232edde40c14fd0f1cc3c  activesupport-4.2.5.gem
95b0fa311e719893165ae33c8378580b6da5e485  rails-4.2.5.gem
672b88b0d54b48f71893a99e581032054d688e70  railties-4.2.5.gem

I’d like to thank you all, every contributor who helped with this release.

Snappier Development Mode in Rails 5

Posted by fxn, November 11, 2015 @ 6:52 am in Edge

In Rails 5 development mode is going to be a tad snappier for large code bases.

As you know, when a request comes in Rails reloads1 applications in development mode2 if something has changed. The way this is done has evolved over the years.

For a long time Rails simply reloaded unconditionally in every request.

Rails 3.2 improved that with the implementation of a file system monitor which (mod details) walks the application tree on every request checking mtimes.

That tree walk is done per request, not per page view. In particular, it happens when serving each one of the assets so, albeit walking an application tree once may not be a big deal, it may add up depending on the number of assets and how large is your code base.

Rails 5 is going to ship also with an evented file system monitor. When something changes the operating system calls Rails asynchronously and a flag is toggled. When a request comes in, the flag is checked, done.

This monitor is disabled by default, applications may opt-in just loading the listen gem in their Gemfile:

group :development do
  gem 'listen', '~> 3.0.4'
end

On Linux and Mac OS X there are no additional dependencies, but some are required for *BSD and for Windows. Note that some setups are unsupported.

Even if the evented monitor is enabled, the console still needs manual reload because it could be surprising that classes change behind the scenes while there are objects already instantiated. Better be explicit.

Thanks to Puneet Agarwal, who wrote the initial patch for this feature as part of this year’s GSoC.

Also kudos to the listen authors and maintainers, thanks to listen this was infinitely easier to implement in a portable way.

1 For a technical explanation of what “reloading” means please check the Autoloading and Reloading Constants guide.

2 Technically when config.cache_classes is false.